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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S. C. § 133). 
Any reply received by the Office later than three months after t he mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1)^ Responsive to communication(s) filed on 11/23/2007 . 
2a)S This action is FINAL. 2b)D This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) E3 Claim(s) 1-20 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) I3 Claim(s) 1-20 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
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DETAILED ACTION 

This action is in response to the papers filed 2/26/2007. Claims 1-20 were 
received for consideration. 



Response to Arguments 

Applicant's arguments with respect to claim 1 have been fully considered 
but they are not persuasive. Fox clearly teaches "determining asset value of a 
network node" in column 3 lines 34-59 where the different colors represent 
different asset values and figure 9 clearly teaches a "spanning tree schematic 
includes an indication of said asset value". 



Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 
U.S.C. 102 that form the basis for the rejections under this section made in this 

i 

Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 
122(b), by another filed in the United States before the invention by the applicant for patent or 
(2) a patent granted on an application for patent by another filed in the United States before 
the invention by the applicant for patent, except that an international application filed under 
the treaty defined in section 351(a) shall have the effects for purposes of this subsection of an 
application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

Claim 1-7, 9, 10, 12-16, 19 and 20 are rejected under 35 U.S.C. 102(e) as 
being anticipated by Fox et al (U.S. 6,535,227). Fox teaches everything with 
respect to claim 1, a security indication spanning tree method comprising: 



determining asset value of a network node (see abstract and column 3 lines 34- 
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59); ascertaining exposure rating of said network node (see abstract and column 
3 lines 34-59); establishing a functional priority risk indicator for indicating the 
likelihood of an attack from another network node (see abstract and column 3 
lines 34-59); and creating a spanning tree schematic of a network including said 
network node, wherein said spanning tree schematic includes an indication of 
said asset value (see abstract and figure 7, 9 and 10). 

With respect to claim 2, wherein said spanning tree schematic includes an 
indication of said exposure rating (see abstract and figure 7, 9 and 10). 

With respect to claim 3, wherein said spanning tree schematic includes an 
indication of said attack risk (see column 1 lines 31-58). 

With respect to claim 4, wherein said asset value provides an indication of 
an economic value of functions provided by said network node (see column 1 
lines 31-58). 

With respect to claim 5, said asset value corresponds to an economic 
impact of a disruption to functionality provided by said network node (see column 
1 lines 31-58). 

With respect to claim 6, a security indication spanning tree method of 
claim 1 wherein said exposure rating defines a threshold value corresponding to 
connectivity of the network node with other network nodes (see abstract and 
figure 7, 9 and 10 and column 9 line 20-25). 

With respect to claim 7, wherein said network node is given an exposure 
rating value based upon a connectivity distance from a root node (see column 9 
lines 20-25). 
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With respect to claim 8, wherein said root node is a node closest to an 
external network (see figure 1). 

With respect to claim 9, wherein said functional priority risk indicator is 
associated with an economic benefit and utility of functionality said network node 
provides (see column 1 lines 31-58). 

With respect to claim 10, a security indication spanning tree system 
comprising: a bus for communicating information; a processor coupled to said 
bus (see column 5 lines 35 -51 it is inherent that a computer has a processor), 
said processor for processing said information including instructions for building 
an attack impact susceptibility spanning tree representation including asset value 
factors (see column 5 lines 35 -51 ); and a memory coupled to said bus, said 
memory for storing said information (see column 5 lines 35 -51 it is inherent that 
a computer has a memory), including instructions for building said attack impact 
susceptibility spanning tree representation including said asset value factors (see 
abstract, figure 7, 9 and 10 and column 3 lines 34-59). 

With respect to claim 11, wherein said asset risk value is automatically 
determined (see column 5 lines 35 -51). 

With respect to claim 12, further comprising a central console for 
interfacing with a network application management platform (see Abstract and 
column 5 lines 35-51). 

With respect to claim 13, wherein said instructions include attack spread 
risk determination instructions (see column 1 lines 31-58). 
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With respect to claim 14, wherein said instructions include exposure rating 
determination directions (see figure 3 and column 5 lines 35 - column 6 lines 51 
and column 7 line 28 - column 8 line 6). 

With respect to claim 15, a computer usable storage medium having 
computer readable program code embodied therein for causing a computer 
system to implement security indication spanning tree instructions comprising: a 
device examination module for examining information regarding devices included 
in a centralized resource network, wherein said examining includes ascertaining 
what applications said devices support; an importance indication module for 
obtaining an indication of a relative importance of functionality provided by said 
device (see column 5 lines 35 -51 and column 7 line 28 - column 8 line 6); and a 
spanning tree module for building a spanning tree topology representation 
including said indication of said relative importance of said device in supporting 
said applications (see abstract, figure 7, 9 and 10 and column 3 lines 34-59). 

With respect to claim 16, herein said relative importance of said device is 
based upon an economic value of functions said devices performs in support of 
said applications (see column 1 lines 31-58). 

With respect to claim 19, further comprising an attack danger assessment 
module for assessing the danger of an attack from other devices included in said 
network (see column 1 lines 31-58). 

With respect to claim 20, further comprising: deriving an attack danger 
indication based upon said indication of said relative importance of said device 
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and said connectivity threshold value; and associating said attack danger 
indication with said device (see column 1 lines 31-58). 



Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for 
all obviousness rejections set forth in this Office action. 

(a) A patent may not be obtained though the invention is not identically disclosed or described 
as set forth in section 102 of this title, if the differences between the subject matter sought to 
be patented and the prior art are such that the subject matter as a whole would have been 
obvious at the time the invention was made to a person having ordinary skill in the art to which 
said subject matter pertains. Patentability shall not be negatived by the manner in which the 
invention was made. 

Claims 17 and 18 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Fox et al (U.S. 6,535,227) in view of Burrows et al (U.S. 
2002/0073338). Fox teaches everything with respect to claim 15 but with respect 
to claim 17 Fox does not teach further comprising an internal attack permeability 
module for investigating the permeability of a network in permitting an internal 
attack on a device from other devices included in the network. 17. Burrows an 
internal attack permeability module for investigating the permeability of a network 
in permitting an internal attack on a device from other devices included in the 
network (see Borrows paragraph 0040-0041 ). It would have been obvious to one 
of ordinary skill in the art at the time the invention was made to modify the 
method of Fox with the method of Burrows to diffuse attack from a first 
component to a second component in the network in order to mitigate the effects 
of undesirable behavior on the network, as taught by Burrows (see Burrows 
paragraph 0028]). 
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With respect to claim 18 wherein said investigating includes: analyzing the 
ease of attack on said device from other devices in said centralized resource 
network; and assigning an connectivity threshold value to said device based 
upon said analysis of said ease of attack (see Borrows paragraph 0040-0041). 

Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of 
time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire 
THREE MONTHS from the mailing date of this action. In the event a first reply is 
filed within TWO MONTHS of the mailing date of this final action and the advisory 
action is not mailed until after the end of the THREE-MONTH shortened statutory 
period, then the shortened statutory period will expire on the date the advisory 
action is mailed, and any extension fee pursuant to 37 CFR 1 .136(a) will be 
calculated from the mailing date of the advisory action. In no event, however, will 
the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to Devin Almeida whose telephone number is 
571-270-1018. The examiner can normally be reached on Monday-Thursday 
from 7:30 A.M. to 5:00 P.M. The examiner can also be reached on alternate 
Fridays from 7:30 A.M. to 4:00 P.M. 
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If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, Gilberto Barron, can be reached on 571-272-3799. The 
fax phone number for the organization where this application or proceeding is 
assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from 
the Patent Application Information Retrieval (PAIR) system. Status information 
for published applications may be obtained from either Private PAIR or Public 
PAIR. Status information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, see http://pair- 
direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll- 
free). 





Devin Almeida 
Patent Examiner 
12/04/2007 
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